PASSWORD PROTECTION



This invention relates to password protection and particularly, but not exclusively, to a method of updating a password by direct user input from a telephone. In this application, the terms updating and changing are used synonymously.

European Patent Application EP 0 862 104 A (Casio Computer Co., Ltd.) discloses an authentication system in which a user's terminal device stores the user's username and his password, and for each access attempt authentication is based upon the username and password read out of the store in the terminal device and sent to the authentication server. This avoids the need for the user to remember his username and password. There is also disclosed the use of the telephone number of the terminal device as the user's username, and obtaining this telephone number from the incoming access attempt call. Thus, in this case only the user's password is required to be read from the store in the terminal device and sent to the authentication server.

European Patent Application EP 0 541 435 A (Fujitsu Limited) discloses an authentication system in which a caller provides a username and a password, which are checked. If they match an existing entry, the telephone number from which that current access attempt is being made is obtained from the incoming call, stored for use with the next access attempt for that username, and compared with the corresponding telephone number stored for the previous access attempt. If there is no match, a warning message is played and the caller is requested to enter a second password. This system helps to prevent fraudulent use of a person's username and password from a telephone different from the one that the person normally uses.

European Patent Application EP 0 745 924 A (AT&T) discloses a method of authenticating user terminal access to a service provider by means of a service bureau. The service bureau sets up a new user terminal for password authenticated access by encrypting the calling line identity (CLI) associated with that user's terminal, which the service bureau obtains from a network-based automatic number identification (ANI) unit, and sending the encrypted CLI to the user's terminal for storage as a password. When the user desires access to the service provider, he makes a call from his user terminal to the service bureau, which encrypts the CLI of that call, automatically retrieves the password stored in the user's terminal and, upon finding a match between the retrieved password and the newly encrypted CLI, permits access to the service provider.

The service bureau is programmed for automatically changing the password stored in the user's terminal. This change is effected following normal authentication of a user terminal by the service bureau re-encrypting the CLI using a different encryption key, and sending the newly-encrypted CLI to the user's terminal to be stored for use instead of the previously stored password.

Japanese Patent Application JP 07 129511 A (Nippon Telegraph and Telephone Corporation) discloses a method of changing a user's password in which the user contacts the password change service (PCS) from a telephone previously designated to the PCS, gives his user ID, and then enters a new password. The PCS looks up the user's ID in its database and retrieves the designated telephone number associated with that user's ID. The PCS makes a call to that designated telephone number and requests the user to enter the password again. The PCS compares this second entered password with the first entered password, and upon a match writes the password to its database in association with that user's ID.

In accordance with a first aspect of the present invention, there is provided a method of password update for a password protected access system having a password store in which each entry is constituted by a respective network terminal identity store and an associated respective password store, the method comprising the steps of:

receiving at a password update service a call from a network terminal;

retrieving by the password update service from signalling information of that received call the identity of the network terminal from which that call was made;

accessing the password store in accordance with the retrieved network terminal identity; and

characterised by the steps of:

upon locating an entry whose stored network terminal identity matches that retrieved network terminal identity, playing an announcement to the caller requesting the entry of a password at that network terminal; and

upon receipt at the password update service of a password entered in response to that request, writing that received password into the associated respective password store of the located entry.

An advantage of a method of the present invention is the avoidance of manual password resetting procedures performed by system administration personnel. Another advantage is that it is a quick and simple one-step password entry procedure that does not involve any call-back to a designated number, and thus avoids any problems that would arise should that designated number have special call handling set, such as divert, which would result in that call not being delivered to the designated number.

In accordance with a second aspect of the present invention, there is provided a password protected access system having a password store in which each entry is constituted by a respective network terminal identity store and an associated respective password store, and including a password update system comprising:

means for receiving a call from a network terminal;

means for retrieving from signalling information of that received call the identity of the network terminal from which that call was made; and

means for accessing the password store in accordance with the retrieved network terminal identity; and

characterised by:

means responsive to a successful location of an entry whose stored network terminal identity matches that retrieved network terminal identity, for playing an announcement to the caller requesting the entry of a password at that network terminal; and

means responsive to receipt of a password entered in response to that request, for writing that received password into the associated respective password store of the located entry.

In accordance with a third aspect of the present invention, there is provided a method of registering a new user of a password protected access system having a password store in which each entry is constituted by a respective network terminal identity store and an associated respective password store, the method comprising the steps of:

receiving at a password management service a call from a network terminal;

retrieving by the password management service from signalling information of that received call the identity of the network terminal from which that call was made;

accessing the password store in accordance with the retrieved network terminal identity;

upon failure to locate an entry whose stored network terminal identity matches that retrieved network terminal identity, making a new entry in respect of that retrieved network terminal identity;

playing an announcement to the caller requesting the entry of a password at that network terminal; and

upon receipt at the password management service of a password entered in response to that request, writing that received password into the associated respective password store of the newly made entry.
In accordance with a fourth aspect of the present invention, there is provided a password protected access system having a password store in which each entry is constituted by a respective network terminal identity store and an associated respective password store, and including a password management system comprising:

means for receiving a call from a network terminal;

means for retrieving from signalling information of that received call the identity of the network terminal from which that call was made; and

means for accessing the password store in accordance with the retrieved network terminal identity; and

characterised by:

means responsive to an unsuccessful location of an entry whose stored network terminal identity matches that retrieved network terminal identity, for making a new entry in respect of that retrieved network terminal identity and for triggering the playing of an announcement to the caller requesting the entry of a password at that network terminal; and

means responsive to receipt of a password entered in response to that request, for writing that received password into the associated respective password store of the newly made entry.
In accordance with a fifth aspect of the present invention, there is provided a method of user authentication in a password protected access system having a password store in which each entry is constituted by a respective user-nominated network terminal identity and an associated respective password, the method comprising the steps of:

in response to receipt at the password protected access system of a call from a calling user at a network terminal, requesting the calling user to enter at that network terminal his nominated terminal identity and password;

receiving the entered terminal identity and password;

accessing the password store in accordance with the received entered terminal identity; and

upon locating an entry whose stored network terminal identity and associated password match the received entered terminal identity and password, authenticating that calling user.
Specific embodiments of the present invention will now be described by way of example with reference to the drawing in which Figure 1 shows component parts of a password change service of the present invention.

By way of background to the present invention, it is known for password protected access to, for example, a remote database holding a user's personal information, to be performed by the user providing a user identity (user ID or userID), also called a username, to identify the particular stored information which the user is requesting access to, and a password. The user identity is commonly a set of letters, often the initials of the user's names, e.g. dje or rgb. The provided password is compared with a password previously provided by the user and stored in association with the user identity, and, if there is a match, the user is granted access.

In this known arrangement, if the user forgets his password, he has to contact the system administrator responsible for the database, provide sufficient proof of his identity, and request a reset of his password. The system administrator has to effect a change of the recorded password to a nominal password, for example "password", and notify the user of that nominal password. The user can thereafter access his information using that nominal password, but for security reasons usually performs a change password procedure to change that nominal password to one which is more secure. In this change password procedure, the user is asked to enter the existing password, then his newly chosen password, and, for confirmation, to enter the new password again.



In the present invention, the user identity is not in the form of the user's initials, but is a nominated network terminal identity, which in this embodiment is a telephone number, and this will usually be the number of the user's home or work telephone. Herein the terms nominated telephone number and nominated telephone are used synonymously and interchangeably.

For normal access, the user calls the password protection system from any telephone, and when prompted for a user identity he enters the nominated telephone number via the keypad, or speaks it if there is an interactive voice response unit (IVR) at the password protection system. The user will then be prompted in the usual manner for entry of his password, which, likewise, he enters via the keypad or the IVR.

If the user has forgotten his password, he makes a call from the telephone corresponding to the nominated number, i.e. the nominated telephone, to a password change service of the password protection system. On receipt at the password protection system of the incoming call from the user, the signalling information is examined and the content of the calling line identity field (CLI) is retrieved, and the user is prompted to enter a new password, via keypad or the IVR. This new password is then stored in place of the previously stored password in association with the user identity in the form of the retrieved CLI, i.e. the nominated telephone number.

This password change procedure avoids the inefficient use of system administration personnel, the delay to the user when such system administration personnel perform a manual change, and the risk that the user fails to change from the nominal password, which is inherently insecure, to a more secure password.

In a specific embodiment shown in Figure 1, the password protected information is an electronic personal telephone or email address book remotely stored on a database 10, accessed via a data network 12, such as the Internet or a corporate intranet, and a server 14.

The user activates a computer 16 at any suitable site, and launches a browser in known manner to access the server 14. He receives from the server 14 an access page having text boxes for the entry of a user identity and a password. Using the keyboard, the user enters the nominated telephone number for the user identity, and the current password. The server 14 performs a comparison of the entered password with the stored password associated with that user identity, and upon a match permits the user access to his address book.
If the user has forgotten his password, or if someone has managed to obtain access to the user's nominated telephone, say his work telephone 20, and change the password, then the user makes a call from his nominated telephone 20, via a telephone network, for example a private telephone network 22, to a predetermined destination terminal number at a CTI system 24 operating a change password service.

As shown in the Figure, the change password service is operated by a CTI system 24 which is at a geographically separate location from the server 14. In variants, the CTI system 24 operating a change password service can be local to the server 14, or that function can even be made integral with the server 14.

In the present embodiment, the CTI system 24 will send the user's identity (CLI) and new password to the database 10. Thus in this specific embodiment, the CTI system 24 constitutes means for receiving a call from a network terminal and for retrieving from signalling information of the call the identity of the network terminal from which that call was made, means for receiving from that network terminal information representative of a password, and means for updating a current password stored in association with that network terminal identity by replacing it with said information representative of a password. In a variant, the CTI system 24 sends the user's identity (CLI) and new password to the database 10 via the server 14.

The change password service, also referred to in this respect as a password management service, is also responsible for establishing a new user area in the database. A new user makes a call to the change password service, and upon prompting for a telephone number enters a telephone number, and upon prompting for a password the user either enters a password or, if the user chooses not to provide a password at this initial area set up stage, terminates the user area set up procedure in some appropriate manner, e.g. by going on hook or entering "0" on the keypad. This entering of a telephone number by the user constitutes direct provision of a network terminal identity by the user. The change password service now communicates with the database 10 and requests the allocation of a new user area, i.e. a telephone number store and an associated password store, and provides that entered telephone number to the database 10, together with the entered password, if provided by the user at this stage.
If the user enters a password at the password prompt, the database 10 sets a Password Set flag associated with that newly established user area. If the user did not enter a password at the password prompt, the content of the password store in that user area remains filled with null characters, and the Password Set flag remains reset. The establishing of a new user area can alternatively be performed by system administration personnel upon receipt of the required information from a new user via, for example, the postal service. Once a new user area has been established, the user then updates the latest recorded password in his area using the method of the present invention by making a call to the change password service from the nominated telephone. It will be understood that the latest recorded password can be any of: null characters when the user has set up a new area but has not provided a password; or an initially provided password; or the password entered at the latest use of the change password service.

In a variant, the new user area can be set up via the user's computer 16 by downloading a set up page from the server 14, entering the nominated telephone number and, if required at this stage, a password, in respective text entry boxes, and clicking on a submit button in known manner. This entering of a telephone number by the user constitutes direct provision of a network terminal identity by the user.

In a further variant, since the change password service retrieves a CLI from an incoming call, the user can indicate to the change password service, by entering # on the telephone keypad, that he wishes that CLI to be used as the nominated telephone number. This utilising by the change password service of the CLI in response to a command ("#") from the user constitutes indirect provision of a network terminal identity by the user. The change password service will respond by requesting the user to enter a password. If the user is merely setting up a new user area and intending to defer providing a password, he need not supply a password at this time, and can indicate this by again entering #.
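The password update, new user set-up and normal-access check described above, as an added Python simulation that is not part of the application: the signalling information of a call is a constructed dict whose 'cli' field stands for the calling line identity field, keypad input is a sequence of entered strings, and the class and function names are hypothetical. It also assumes, which the text does not state, that a user area whose Password Set flag is still reset cannot authenticate.

```python
from dataclasses import dataclass

NULL_PASSWORD = "\0" * 8  # a password store "filled with null characters"


@dataclass
class Entry:
    """One user area: a telephone number store and an associated password store."""
    terminal_identity: str           # the nominated telephone number, i.e. the user ID
    password: str = NULL_PASSWORD    # associated password store
    password_set: bool = False       # the Password Set flag of the description


class PasswordStore:
    """Models database 10, keyed by network terminal identity (hypothetical class)."""

    def __init__(self):
        self._entries = {}

    def locate(self, terminal_identity):
        return self._entries.get(terminal_identity)

    def new_entry(self, terminal_identity):
        entry = Entry(terminal_identity)
        self._entries[terminal_identity] = entry
        return entry

    def authenticate(self, terminal_identity, password):
        """Normal access: the user enters the nominated number as user identity plus
        the current password. Assumption (not stated in the text): an area whose
        Password Set flag is still reset cannot authenticate, so a null-filled
        store never matches an entered password."""
        entry = self.locate(terminal_identity)
        return entry is not None and entry.password_set and entry.password == password


class ChangePasswordService:
    """Models the CTI system 24 operating the change password / password
    management service (hypothetical class)."""
    DEFER = {"#", "0"}  # a new user indicating that the password is deferred

    def __init__(self, store):
        self.store = store
        self.announcements = []  # what would be played to the caller

    def handle_call(self, signalling, keypad):
        """Handle one incoming call. `signalling` is a constructed dict whose 'cli'
        field stands for the calling line identity field; `keypad` yields the
        strings the caller enters (exhaustion means the caller went on hook)."""
        keypad = iter(keypad)
        cli = signalling.get("cli")
        if not cli:
            # The method only works "provided that the calling line identity is
            # delivered"; without a CLI no entry can be located or created.
            self.announcements.append("calling line identity not delivered")
            return None
        entry = self.store.locate(cli)
        is_new = entry is None
        if is_new:
            # Registration (third aspect): no entry matches the retrieved CLI,
            # so a new user area is made in respect of it.
            entry = self.store.new_entry(cli)
        self.announcements.append("please enter a password")
        entered = next(keypad, None)
        if entered is None or (is_new and entered in self.DEFER):
            # On hook, or a new user deferring the password: the store keeps its
            # null characters and the Password Set flag stays reset.
            return entry
        # Update (first aspect): the received password is written immediately
        # into the password store associated with the retrieved CLI.
        entry.password = entered
        entry.password_set = True
        return entry
```

The trusted-person variant below is the same flow: the entry is nominated under the trusted person's number, so only a call carrying that CLI can write its password.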
Whereas it is most convenient for the nominated telephone number to be the telephone where the user is most likely to be located when he needs to call the change password service, it need not be so. As an example of a different procedure, a user may nominate the telephone number of a trusted person, e.g. his father, living in a completely different area to where he works, possibly even a different country. The present invention will still work, provided that the calling line identity is delivered. The user now calls his trusted person, gives him a new password and asks him to call the change password service and enter the new password when prompted.

It will now be appreciated that the present invention is concerned with a password change facility in a password protected access for human users, where those users have user identities in the form of network terminal identity (also referred to as a network address). When a user desires access to a required target, e.g. a remote database such as mentioned above, he dials the normal access number for the protection system from any terminal in the network, and provides to the protection system his user identity and password by voice or key input. The protection system uses that provided identity to locate the user's entry and checks the provided password against the stored password. The user decides when he wants to change his password, and dials the special number for the password change service of the protection system. It is this change service that obtains the CLI of the call and upon receipt of the new password entered by the user immediately stores that newly received password in association with that CLI. The procedure of the present invention is easy and quick, avoids any need to use known update procedures, and whenever the user wishes to update his password, whether because he has forgotten it, or because he thinks that its security has been compromised and he wishes to update it for security reasons, or because he thinks that he might have entered his intended new password incorrectly, or whatever, the user only has to repeat the simple method of the present invention.

The present invention distinguishes from the abovementioned AT&T disclosure which is not concerned with human user authentication, but with authentication of an actual terminal equipment by ensuring that the terminal equipment is attached to the network termination corresponding with its original registration. The AT&T authentication system prevents a terminal equipment from being taken to a different network termination, i.e. telephone line, but it does not provide any protection against a different human user activating the terminal equipment; it does not require the user to provide any personal identity, but merely encrypts the number provided by the network ANI equipment, i.e. the CLI; and it requires the terminal equipment to store that encrypted CLI as a password retrievable from the terminal equipment upon command by the authentication system. Furthermore, it is the authentication system, and not the user, that decides when to replace the stored encrypted CLI in the terminal equipment, that decides the new encryption key, that generates the replacement password rather than receiving the replacement password from a user.

The present invention distinguishes from the above-mentioned Casio Computer Co. disclosure which is concerned with capturing a user's originally submitted password, storing it with his username within his terminal device, and instead of using a step of requesting the user to enter his password and username, reads out the stored password and username. In this way, there is no username or password entered by the user at each access attempt, and therefore no possibility of the user forgetting his details and having to contact authentication personnel for password reset (update).

The present invention distinguishes from the above-mentioned Nippon Telegraph and Telephone Corporation disclosure which is concerned with authenticating a password update attempt by a combination of dialback security, i.e. making contact with the user by calling him back on a telephone number known to be secure, and requesting a second entry of the new password.

Unless the context clearly requires otherwise, throughout the description and the claims, the words "comprise", "comprising" and the like are to be construed in an inclusive as opposed to an exclusive or exhaustive sense; that is to say, in the sense of "including, but not limited to".
CLAIMS



1. A method of password update for a password protected access system having a password store in which each entry is constituted by a respective network terminal identity store and an associated respective password store, the method comprising the steps of:

receiving at a password update service a call from a network terminal;

retrieving by the password update service from signalling information of that received call the identity of the network terminal from which that call was made;

accessing the password store in accordance with the retrieved network terminal identity; and

characterised by the steps of:

upon locating an entry whose stored network terminal identity matches that retrieved network terminal identity, playing an announcement to the caller requesting the entry of a password at that network terminal; and

upon receipt at the password update service of a password entered in response to that request, writing that received password into the associated respective password store of the located entry.

2. A password protected access system having a password store in which each entry is constituted by a respective network terminal identity store and an associated respective password store, and including a password update system comprising:

means for receiving a call from a network terminal;

means for retrieving from signalling information of that received call the identity of the network terminal from which that call was made; and

means for accessing the password store in accordance with the retrieved network terminal identity; and

characterised by:

means responsive to a successful location of an entry whose stored network terminal identity matches that retrieved network terminal identity, for playing an announcement to the caller requesting the entry of a password at that network terminal; and

means responsive to receipt of a password entered in response to that request, for writing that received password into the associated respective password store of the located entry.

3. A method of registering a new user of a password protected access system having a password store in which each entry is constituted by a respective network terminal identity store and an associated respective password store, the method comprising the steps of:

receiving at a password management service a call from a network terminal;

retrieving by the password management service from signalling information of that received call the identity of the network terminal from which that call was made;

accessing the password store in accordance with the retrieved network terminal identity;

upon failure to locate an entry whose stored network terminal identity matches that retrieved network terminal identity, making a new entry in respect of that retrieved network terminal identity;

playing an announcement to the caller requesting the entry of a password at that network terminal; and

upon receipt at the password management service of a password entered in response to that request, writing that received password into the associated respective password store of the newly made entry.

4. A password protected access system having a password store in which each entry is constituted by a respective network terminal identity store and an associated respective password store, and including a password management system comprising:

means for receiving a call from a network terminal;

means for retrieving from signalling information of that received call the identity of the network terminal from which that call was made; and

means for accessing the password store in accordance with the retrieved network terminal identity; and

characterised by:




means responsive to an unsuccessful location of an entry whose stored network terminal identity matches that retrieved network terminal identity, for making a new entry in respect of that retrieved network terminal identity and for triggering the playing of an announcement to the caller requesting the entry of a password at that network terminal; and

means responsive to receipt of a password entered in response to that request, for writing that received password into the associated respective password store of the newly made entry.



5. A method of user authentication in a password protected access system having a password store in which each entry is constituted by a respective user-nominated network terminal identity and an associated respective password, the method comprising the steps of:

in response to receipt at the password protected access system of a call from a calling user at a network terminal, requesting the calling user to enter at that network terminal his nominated terminal identity and password;

receiving the entered terminal identity and password;

accessing the password store in accordance with the received entered terminal identity; and

upon locating an entry whose stored network terminal identity and associated password match the received entered terminal identity and password, authenticating that calling user.

6. A method of password update for a password protected access system, the method being as claimed in claim 1 and substantially as hereinbefore described with reference to the drawing.

7. A password protected access system as claimed in claim 2, and substantially as hereinbefore described with reference to the drawing.

8. A method of registering a new user of a password protected access system, the method being as claimed in claim 3 and substantially as hereinbefore described with reference to the drawing.



9. A password protected access system as claimed in claim 4, and substantially as hereinbefore described with reference to the drawing.

10. A method of user authentication in a password protected access system, the method being as claimed in claim 5 and substantially as hereinbefore described with reference to the drawing.